>>106845522
>through the signal protocol
Isn't that backdoored?

>>106845543
The encryption is good, but it's designed to be sniffed for message size/timing/phonenumber/ip analysis by the NSA.

Why is this not on the Google Play Store? How can we know this isn't super harmful malware?

>>106845522
*******

>>106845804
*****

>>106845522
Very cool
I'm going to convince my criminal friends to use this

>>106845522
>java
grim

>last commit
>2 years ago
its dead

>>106845522
yeah, I bet it's some fucked up bullshit like that Briar bullshit

I have nothing to hide

>>106845522
What's the decrytion process?

>>106845605
elaborate; please

>>106845998
https://people.cs.umass.edu/~amir/papers/TDSC22_I_Still_Know.pdf

No traffic obfuscation, no overlay network with onion routing, phonenumber registration ...

>>106846038
Very low hanging fruit
It's not part of the thread model at all

>>106845522
>signal protocol

That's a us government backdoor.

>>106846042
>government is not part of the threat model
Indeed, that is Signal.

>>106846061
No
Timing and metadata is not part of the threat model in any messaging app
This is probably baby's first paper so he published something that literally everyone knew about and acted like it was something
It's not

>>106846061
Can they read the content of the messages? Or just figure out who's talking to whom and when?

>>106846083
All they can see is that this phone number sent this phone number an unreadable message at this time
It's a total nothing burger

>>106845704
Oh please

>>106846082
>Timing and metadata is not part of the threat model in any messaging app
https://code.briarproject.org/briar/briar-spec/blob/master/protocols/BTP.md

>>106846090
You need a proper long term owned phonenumber, when you lose control over your phonenumber you've pretty much lost your signal account ... it's as good as your real name.

So now they have your social network, with real names, gg.

>>106845903
you can hide shit that isn't illegal.

>>106846090


>>106846082


This isn't Reddit, Chang.

>>106845522
I expected that someone would eventually come up with that.
Like just a week ago I had that thought, that this is the most convenient way to do encrypted messages on a smartphone with gpg.

>>106846090
Not really, it might not be a nothing burger.
Depending on how hellish your country is:
1. It's really enough to get questioned(you country is a hell hole that is a hermit kingdom of some kind).
2. It's really enough to get you questioned if it's <differing political opinion on messaging certain groups of people>.

>>106845522
ok so i just installed it on two phones and tested it out. it's hella cool as a novelty, but in practice someone not tech inclined (ie someone who has never used public key crypto before) would stumble and fall upon their face, despite the simplicity.
The devs made a few critical issues though. One is to have a set/defined message length, so if you don't write a message to the required length, it adds a bunch of invisible characters on the end of every message in storybook mode. That's hella easy for anyone mass surveilling to detect.
Two is that sharing keys is clunky (you both have to manually add each other) and sharing keys doesn't have a storybook mode, so it's rather obvious that you are sharing public keys.

Really fun novelty but just needs a bit of re-working.
I'd consider working on it but I'm already working on a ground-up cryptographic messenger that is routed over Tor. (ie, I contribute to TorX Chat)